if (!empty($_POST)) { $error = $pm->validatePasswords($_POST); if (empty($error)) { $pm->savePasswords($_POST); header("Location: DirectoryServer.php"); exit; } } echo $pm->generateCss(); echo $error; echo $pm->generatePasswordForm(); } else { //If the password file exists use controller logic $rm = new RecordManager(); $passwords = $pm->getPasswords(); $rm->expireRecords(); //If upload mode and uploadPassword matches if (!empty($_GET["query"]) && $_GET["query"] == "upload") { if (isset($_GET["uploadPassword"]) && md5($_GET["uploadPassword"]) == $passwords["uploadPassword"]) { //Use the following code to read post body. Not regular form posts which would be accessed with $_POST $postText = trim(file_get_contents('php://input')); $output = $rm->uploadRecords($postText); echo $output; } } elseif (!empty($_GET["query"]) && $_GET["query"] == "download") { if (isset($_GET["downloadPassword"]) && md5($_GET["downloadPassword"]) == $passwords["downloadPassword"]) { $output = $rm->downloadRecords(); echo $output; } } elseif (!empty($_GET["query"]) && $_GET["query"] == "upDown") { if (isset($_GET["downloadPassword"]) && md5($_GET["downloadPassword"]) == $passwords["downloadPassword"] && isset($_GET["uploadPassword"]) && md5($_GET["uploadPassword"]) == $passwords["uploadPassword"]) {